This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/75211e-3619-425f-babd-79dc3d0bbed8/1/IY2yiCPzcIslWqEkum73QdET6vM.mft File: IY2yiCPzcIslWqEkum73QdET6vM.mft (raw, json) Hash identifier: It2kXPxuIOwomDu5vVoh2ANvMpMPjjZaduqVGDjCTNs= Subject key identifier: D3:35:F6:13:02:5B:1B:E3:07:0D:81:E2:BE:C7:1B:FB:C1:E5:B7:90 Authority key identifier: 21:8D:B2:88:23:F3:70:8B:25:5A:A1:24:BA:6E:F7:41:D1:13:EA:F3 Certificate issuer: /CN=218db28823f3708b255aa124ba6ef741d113eaf3 Certificate serial: 019B3F489FC85D1B3136B9B04444446754A8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IY2yiCPzcIslWqEkum73QdET6vM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/75211e-3619-425f-babd-79dc3d0bbed8/1/IY2yiCPzcIslWqEkum73QdET6vM.mft Manifest number: 0F84 Signing time: Sun 21 Dec 2025 05:01:22 +0000 Manifest this update: Sun 21 Dec 2025 05:01:22 +0000 Manifest next update: Mon 22 Dec 2025 05:01:22 +0000 Files and hashes: 1: HaSDza_YVtRITzJIrQ3cs39clVI.roa (hash: MJ8iuClDZO6N2HHVvtqNHlRWHvmySc+prn9LGP/6I2Y=) 2: IY2yiCPzcIslWqEkum73QdET6vM.crl (hash: OSd+EQME5Xy8M8vLsGvnr4lGJH8EtAkWEsarBaM2NhI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/75211e-3619-425f-babd-79dc3d0bbed8/1/IY2yiCPzcIslWqEkum73QdET6vM.crl rsync://rpki.ripe.net/repository/DEFAULT/41/75211e-3619-425f-babd-79dc3d0bbed8/1/IY2yiCPzcIslWqEkum73QdET6vM.mft rsync://rpki.ripe.net/repository/DEFAULT/IY2yiCPzcIslWqEkum73QdET6vM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:48:9f:c8:5d:1b:31:36:b9:b0:44:44:44:67:54:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=218db28823f3708b255aa124ba6ef741d113eaf3 Validity Not Before: Dec 21 05:01:22 2025 GMT Not After : Dec 22 05:01:22 2025 GMT Subject: CN=d335f613025b1be3070d81e2bec71bfbc1e5b790 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:31:ad:d1:db:b9:d2:73:71:6a:07:9e:62:56: 2f:66:a6:06:10:33:15:dc:fb:8b:e8:4e:43:97:2f: b5:16:6e:92:48:06:d6:af:75:5a:94:03:40:9f:74: 51:4f:5c:f4:34:c8:ef:4f:9d:59:54:eb:dc:bc:35: 58:c7:ea:c8:41:cc:a6:5a:18:75:d5:82:94:e1:4c: c1:f0:5f:41:c2:23:a3:1a:b1:71:ba:52:83:6e:c4: ff:e5:79:27:b6:6d:93:f9:7b:47:3e:c5:a8:c6:22: 92:ca:ac:6c:b0:00:95:50:eb:6a:31:42:49:c0:c4: 4b:a8:bd:09:39:f7:2e:16:76:75:dd:59:a6:f4:7a: a2:0d:73:e4:b4:41:d1:c1:aa:91:c0:c5:17:54:85: dd:6c:7a:7a:6f:98:e1:e5:26:00:72:88:68:d4:60: b6:5e:fd:52:56:bc:ef:39:3c:b1:d8:47:a6:dc:05: c4:f1:56:85:55:19:39:8a:d6:c4:f3:c5:ed:32:ce: 9e:9f:8a:e0:9c:42:d2:0e:cc:5f:1b:b6:06:9b:ce: f8:91:06:22:87:d5:1e:28:93:ea:f3:4b:bf:d9:04: bc:50:92:a6:79:d6:56:3b:89:06:58:9a:26:f5:85: 88:58:eb:f0:3f:dd:c3:16:41:ed:42:7b:21:49:43: 20:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:35:F6:13:02:5B:1B:E3:07:0D:81:E2:BE:C7:1B:FB:C1:E5:B7:90 X509v3 Authority Key Identifier: keyid:21:8D:B2:88:23:F3:70:8B:25:5A:A1:24:BA:6E:F7:41:D1:13:EA:F3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IY2yiCPzcIslWqEkum73QdET6vM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/75211e-3619-425f-babd-79dc3d0bbed8/1/IY2yiCPzcIslWqEkum73QdET6vM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/41/75211e-3619-425f-babd-79dc3d0bbed8/1/IY2yiCPzcIslWqEkum73QdET6vM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 21:22:78:a3:07:95:3f:24:8c:d5:f1:49:d8:18:9e:a7:35:fc: 49:86:21:64:48:91:f3:3f:71:89:c9:b0:6e:bd:bc:76:da:d6: b1:57:41:ca:95:9b:2f:8a:b3:e5:29:d4:ae:c3:fa:d3:6a:f3: 23:fc:36:e5:53:08:e3:90:61:8d:ca:f5:e9:af:29:bb:96:37: 4f:e6:75:fc:91:8d:dc:be:c9:bb:64:8a:f5:33:bc:bc:29:00: 0c:fe:fe:4b:e4:30:2b:08:da:f2:03:60:96:9e:d4:d8:3f:15: 4f:58:43:5a:65:5d:7e:42:9b:b9:fc:be:0b:26:d0:7c:e6:e1: fa:a3:2a:8f:92:83:89:35:f0:6d:50:e9:af:34:e6:26:5f:70: 4b:b4:76:66:93:46:ec:31:64:eb:ff:c5:64:38:7c:d9:86:cd: 66:ca:ea:7d:f4:e5:f6:ec:62:58:ab:07:54:4a:4b:8a:91:84: 44:b6:3b:43:68:02:b3:c6:1b:1e:3a:33:df:cc:d3:6e:76:b0: fb:d9:71:ac:8a:21:40:60:ab:7c:65:c7:88:8c:12:da:5d:02: 0e:35:31:98:9d:91:0c:34:8c:b3:73:4c:17:37:c5:02:ba:14: 96:f3:8e:1d:74:63:17:99:82:fb:cf:1c:b5:d5:3e:11:31:4e: 5c:0a:26:f6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/SJ/IXRsxNrmwREREZ1SoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxOGRiMjg4MjNmMzcwOGIyNTVhYTEyNGJhNmVmNzQxZDEx M2VhZjMwHhcNMjUxMjIxMDUwMTIyWhcNMjUxMjIyMDUwMTIyWjAzMTEwLwYDVQQD EyhkMzM1ZjYxMzAyNWIxYmUzMDcwZDgxZTJiZWM3MWJmYmMxZTViNzkwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTGt0du50nNxageeYlYvZqYGEDMV 3PuL6E5Dly+1Fm6SSAbWr3ValANAn3RRT1z0NMjvT51ZVOvcvDVYx+rIQcymWhh1 1YKU4UzB8F9BwiOjGrFxulKDbsT/5Xkntm2T+XtHPsWoxiKSyqxssACVUOtqMUJJ wMRLqL0JOfcuFnZ13Vmm9HqiDXPktEHRwaqRwMUXVIXdbHp6b5jh5SYAcoho1GC2 Xv1SVrzvOTyx2Eem3AXE8VaFVRk5itbE88XtMs6en4rgnELSDsxfG7YGm874kQYi h9UeKJPq80u/2QS8UJKmedZWO4kGWJom9YWIWOvwP93DFkHtQnshSUMgoQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNM19hMCWxvjBw2B4r7HG/vB5beQMB8GA1UdIwQY MBaAFCGNsogj83CLJVqhJLpu90HRE+rzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVkyeWlDUHpjSXNsV3FFa3VtNzNRZEVUNnZNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83NTIxMWUtMzYxOS00MjVmLWJhYmQt NzlkYzNkMGJiZWQ4LzEvSVkyeWlDUHpjSXNsV3FFa3VtNzNRZEVUNnZNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MS83NTIxMWUtMzYxOS00MjVmLWJhYmQtNzlkYzNkMGJiZWQ4 LzEvSVkyeWlDUHpjSXNsV3FFa3VtNzNRZEVUNnZNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAISJ4oweV PySM1fFJ2BiepzX8SYYhZEiR8z9xicmwbr28dtrWsVdBypWbL4qz5SnUrsP602rz I/w25VMI45Bhjcr16a8pu5Y3T+Z1/JGN3L7Ju2SK9TO8vCkADP7+S+QwKwja8gNg lp7U2D8VT1hDWmVdfkKbufy+CybQfObh+qMqj5KDiTXwbVDprzTmJl9wS7R2ZpNG 7DFk6//FZDh82YbNZsrqffTl9uxiWKsHVEpLipGERLY7Q2gCs8YbHjoz38zTbnaw +9lxrIohQGCrfGXHiIwS2l0CDjUxmJ2RDDSMs3NMFzfFAroUlvOOHXRjF5mC+88c tdU+ETFOXAom9g== -----END CERTIFICATE-----Generated at Sun Dec 21 07:02:36 2025 by rpki-client